Contents

Nokia Xpress Browser uses intermediate Nokia proxy servers to optimize web pages based on the capabilities and screen size of the device. The proxy servers also compress data to reduce data transmission charges for the mobile user.[5] The browser was released for Lumia devices in 2012.[6]

Like the Opera Mini, the Nokia Xpress browser decrypts and compresses HTTPS traffic, routing it through Nokia's own servers.[7] This practice seeks to provide faster browsing for users of feature phones and smartphones with lower processing power (and thus lower bills for less mobile data usage).[8] However, as pointed out by researcher Gaurang K. Pandya, this raises serious privacy concerns, because Nokia is essentially "performing Man In The Middle Attack for sensitive HTTPS traffic" and temporarily decrypting user data—which could be sensitive financial information, passwords.[9] The company admitted to the technical details, but stated, "Claims that we would access complete unencrypted information are inaccurate".[10]GigaOm criticized Nokia, which, unlike the Opera Mini, has failed to make it clear that HTTPS traffic will be decrypted during transit. It recommended that Nokia learn from Amazon's Silk browser, which leaves HTTPS traffic unperturbed.[11]